ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Bookmate Data Breach

bookmate.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 3,830,916
Breach date 08 Jul 2018
Added to tracker 22 Mar 2019
Data classes 7

What happened

In mid-2018, the social ebook subscription service Bookmate was among a raft of sites that were breached and their data then sold in early-2019. The data included almost 4 million unique email addresses alongside names, genders, dates of birth and passwords stored as salted SHA-512 hashes.

Exposed data

Dates of birth Email addresses Genders Geographic locations Names Passwords Usernames

Recommended actions

  • Change your Bookmate password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Bookmate — attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP